Tarih: Issue 58 - February 2015
Cyber attacks are a real and growing threat to worldwide critical infrastructure. Energy firms, public and private utilities, and power grids are highly vulnerable to cyber attacks. According to leading security experts, most of these companies are unprepared to combat cyber threats, or to mitigate damage once an intrusion is discovered. Companies using the outdated “air gaps” method are no longer able to effectively protect industrial control systems. In most cases, an organization’s cyber solutions are largely ineffective on Supervisory Control and Data Acquisition (SCADA) systems. To complicate matters, the various and, in many cases, vastly different commercial, and international compliances standards make it difficult for businesses to effectively and efficiently protect their enterprise networks.
With the emergence of security recommendations and regulatory compliance requirements throughout different industries, a breadth of understanding of these controls is required to implement a solid critical infrastructure security process framework to mitigate risks and increase security. It is also important to ensure as little disruption to service as possible, or the security controls themselves will damage critical infrastructure operations. While the threat of cyber attack is driving necessary concerns about security, critical infrastructure industries are now recognizing that a secure critical infrastructure also includes safe and reliable processes that allow critical infrastructure to operate as expected.